From a627d8ced3fd64b59942cf8d9ee5acff22629900 Mon Sep 17 00:00:00 2001
From: Liam <liam@fascinated.cc>
Date: Mon, 23 Sep 2024 22:29:21 +0100
Subject: [PATCH] feat(common): add sealed secrets script

---
 common/seal-secret.sh | 30 ++++++++++++++++++++++++++++++
 1 file changed, 30 insertions(+)
 create mode 100644 common/seal-secret.sh

diff --git a/common/seal-secret.sh b/common/seal-secret.sh
new file mode 100644
index 0000000..bfcc80b
--- /dev/null
+++ b/common/seal-secret.sh
@@ -0,0 +1,30 @@
+#!/bin/bash
+
+# Function to seal a Kubernetes secret
+seal_secret() {
+    local input_file="$1"
+    if [[ -z "$input_file" ]]; then
+        echo "Usage: seal <path-to-secret-file>"
+        exit 1
+    fi
+
+    if [[ ! -f "$input_file" ]]; then
+        echo "Error: File '$input_file' does not exist."
+        exit 1
+    fi
+
+    local output_file="$(dirname "$input_file")/sealed-$(basename "$input_file")"
+
+    echo "Sealing secret from '$input_file'..."
+    kubeseal --format=yaml < "$input_file" > "$output_file"
+
+    if [[ $? -eq 0 ]]; then
+        echo "Success! Sealed secret created at '$output_file'"
+    else
+        echo "Error: Failed to seal the secret."
+        exit 1
+    fi
+}
+
+# Call the function with the provided argument
+seal_secret "$1"